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CROSS-REFERENCES TO RELATED APPLICATIONS 
This application claims priority from a U.S. Provisional Patent 
60/1 17,788 filed on January 29, 1999 and from a U.S. Provisional Patent Application 
10 60/128,772 filed on April 9, 1999, the disclosures of which are incorporated in their 
entirety herein by reference for all purposes. 

FIELD OF THE INVENTION 

This invention relates to the field of communication in telephony 
15 networks, and more particularly, to the establishment of a secure communication channel 
between users in an IP telephony network. 



BACKGROUND OF THE INVENTION 
Internet Protocol (LP) telephony networks allow large numbers of users to 

20 communicate with each other over secure channels. Typically, a user is coupled to the IP 
telephony network via a telephony adapter (TA). In a cable IP networks, a cable 
telephony adapter (CTA) may be used. The CTA converts user information, such as 
voice or data, into packets for transmission on the network, and converts received packets 
into digital or analog signals for use by the user. 

25 To implement a secure channel between two users in the IP telephony 

network, their associated CTAs use the same encryption techniques and keys. However, 
this presents a problem since for CTA to CTA communications, there is a very large 
number (millions) of possible connections that may be established. Thus, any single CTA 
cannot possibly maintain security associations for all possible connections ahead of time. 

30 Therefore a security association (e.g. encryption key) must be established on the fly- 
when the secure channel (phone call) is first set up. 
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Standard techniques to establish CTA to CTA communications provide 
secure key exchanges (authenticated and confidential), and use one of two techniques. In 
the first technique, a known key is shared between the two parties. As stated above, this 
technique does not scale to millions of users and is therefore not applicable for general IP 
telephony networks. The second technique, uses a public key technique, such as Diffie- 
Hellman exchanges in combination with digital signatures. Such techniques are costly in 
terms of time and CPU consumption and may cause a noticeable delay in call setup or 
increase the cost of the CTA device. Thus, public key techniques are not desirable for 
this purpose. 

SUMMARY OF THE INVENTION 
The present invention provides a system for establishing secure 
communication between users in an IP telephony network. In IP telephony networks, 
gateway controllers are used to control messaging between the users and the IP telephony 
network infrastructure. 

The system included in the present invention provides a gateway controller 
that creates a media stream encryption key that is used to encrypt and decrypt messages 
between users. When a first user attempts to establish a secure channel with a second 
user, the gateway controller (source) associated with the first user, creates the media 
stream encryption key, sends the key inside a signaling message to the gateway controller 
(destination) that services the second user. The two gateway controllers then send the key 
to the two CTAs, that service the first and second users. This allows the two CTAs, and 
thus, the two users to quickly establish a secure communication channel in the IP 
telephony network. 

In an embodiment of the present invention a method for establishing a 
secure communication channel between a first user and a second user in an IP telephony 
network is provided. The first user and the second user are coupled to first and second 
telephony adapters, which in turn, are coupled to first and second gateway controllers, 
respectively, wherein the gateway controllers control user access to the IP telephony 
network. The telephony adapters are used to encrypt and decrypt user information 
exchanged over the IP telephony network. The method begins by receiving a request at 
the first gateway controller to establish a secure communication channel between the first 
user and the second user. Next, a secret key is generated at the first gateway controller. 
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A copy of the secret key is distributed to the first and second telephony adapters over 
previously established secure connections. Finally, the secure communication channel is 
established between the first user and the second user by encrypting and decrypting 
information using the secret key. 
5 A further understanding of the nature and the advantages of the inventions 

disclosed herein may be realized by reference to the remaining portions of the 
specification and the attached drawings. 

J;j BRIEF DESCRIPTION OF THE DRAWINGS 

ffl 10 FIG. 1 shows a portion of an IP telephony network constructed in 

q accordance with the present invention; 

<Sj FIG. 2 shows a gateway controller constructed in accordance with the 

ft present invention. 

3 FIG. 3 shows a message flow diagram illustrating message flow in the IP 

15 telephony network of FIG. 1 in accordance with the present invention; 

FIG. 4 shows a method for establishing a secure communication channel 
between users in the IP telephony network of FIG. 1 using the messages shown in FIG. 3; 
and 

FIG. 5 shows the IP telephony network of FIG. 1 and includes a 
20 connection to a plain old telephone system (POTS) gateway. 



III 



DESCRIPTION OF THE SPECIFIC EMBODIMENTS 
The present invention includes a system for establishing a secure 
communication channel between users of an IP telephony network. Embodiments of the 
25 present invention utilize key-based encryption techniques as a mechanism for achieving 
secure communication in the IP telephony network. Such embodiments are not limited to 
using any one encryption technique, and therefore, it is possible to construct embodiments 
of the present invention using several types of encryption techniques. Since the type of 
encryption technique selected is not essential to the embodiments of the present 
30 invention, a detailed description of a specific encryption technique is not provided. 

For purposes of clarity and convenience, it will be assumed that the IP 
telephony network is a cable network, and so, cable telephony adapters (CTA) will be 
used in the various embodiments. However, the invention is not limited to using CTAs, 
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and may in fact be implemented using any other type of telephony adapters as required by 
a particular network. 

FIG. 1 shows a portion of an IP telephony network 100 constructed in 
accordance with the present invention. The network 100 includes a first user 102 coupled 
5 to a source CTA 104. The source CTA 104 is further coupled to a source gateway 
controller 1 06 and an IP telephony network backbone 110, 

The network 100 also includes a second user 112 coupled to a destination 
CTA 1 14. The destination CTA 1 14 is further coupled to a destination gateway controller 
Q 116 and the IP telephony network backbone 110. In addition, the network 100 also 

1*3 10 includes a customer service representative (CSR) center 120, a provisioning server 122 
22 and a billing host 124. 

f.*-* Each user of the network 100 goes through an initialization process to 

54 activate network service. For example, when the user 102 and associated CTA 104 are 

coupled to the network, a series of messages are exchanged between the CTA 104, the 
M 15 gateway controller 106 and the CSR 120. The messages provide for activation of 

telephony service for the user 102, establishment of account information and creation of 
encryption keys to be used by the CTA to encrypt and decrypt messages exchanged over 
the network. The billing host 124 is used to setup account information for each user and 
to bill for network usage. The provisioning server 122 is used to initialize and register 
20 CTA devices within a specific IP telephony network. 

FIG. 2 shows one embodiment of a gateway controller 200 constructed in 
accordance with the present invention. The gateway controller 200 includes a message 
processor 202, a key creation module 204 and a key storage 206. The gateway controller 
200 is coupled between the IP telephony backbone and a network adapter, such as a CTA 
25 device. For example, the gateway controller 200 is suitable for use as the gateway 
controller 106 in FIG. L 

The message processor 202 processes messages that are exchanged 
between the CTA and other components of the telephony network. For example, when 
messages are exchanged between the CTA and other components of the network during 
30 an initial CTA registration process. 

The key creation module 204, has logic to create or derive keys that may 
be used to encrypt or decrypt messages exchanged between CTAs over the IP telephony 
backbone 110. The keys may be stored in the key storage 206. The key storage has logic 
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to encrypt the keys before storage using a public/private key pair. For example, the 
public/private key pair may be provided by the network 1 00 infrastructure or from 
government law enforcement officials. 

FIG. 3 shows a message exchange diagram 300 illustrating how messages 
5 are exchanged between the components of the network 100 to establish a secure 
communication channel between the user 102 and the user 112. The messages are 
transmitted or received at the source CTA represented at line 302, the source gateway 
controller 106 represented at line 304, the destination gateway controller 116 represented 

Q 

j|| at line 306, and the destination CTA 1 14 represented at line 308. 

^ 1 0 FIG. 4 shows a flow diagram 400 illustrating the process of establishing a 

63 secure communication channel utilizing the messages shown in FIG. 3 in accordance with 

i*n the present invention. 

W At block 402, secure call signaling between the source and destination 

Q gateway controllers is established as shown by message 310. At block 404, secure call 

£1 15 signaling between source and destination CTAs and their associated gateway controller is 
? P established as shown by messages 312 and 314. 

ffj At block 406, the user 102 desires to place a secure call to the user 1 12 and 

so notifies the CTA 104 which in turn notifies the gateway controller 106, as shown by 
message 316 and at path 130. At block 408, the source gateway controller creates a key 

20 to be used to establish the secure communication channel requested by the user 1 02. In 
one embodiment, the key is a random number and may be generated, for example, at the 
key creation module 204. 

At block 41 0, the key is transmitted from the source gateway controller to 
the destination gateway controller, as shown by message 318 and at path 132. At block 

25 412, the destination gateway controller forwards the key to the destination CTA as shown 
by message 320 and at path 134. At block 414, the destination CTA sends an 
acknowledgment to the destination gateway controller indicating that the key has been 
received, as shown by message 322 at path 136. 

At block 416, the destination gateway controller sends an acknowledgment 

30 to the source gateway controller indicating that the key has been received, as shown by 
message 324 at path 138. At block 418, the source gateway controller transmits the key 
to the source CTA, as shown by message 326 at path 140. At block 420, the source CTA 
responds by transmitting an acknowledgment as shown by message 328 at path 142. 
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At block 422, a secure channel between the source CTA and the 
destination CTA can now be established where encrypted messages can be exchanged 
between the telephony users 102 and 1 12, as shown by message 330 at path 144. 

As a result of the above described operations, the source gateway 
5 controller creates an encryption key and distributes it to the source and destination CTAs 
to quickly set up a secure communication channel thereby allowing the user 102 and the 
user 1 12 to communicate over the IP telephony network 100. In one embodiment the 
messages distributing the key are additional messages used to operate the network 100. 

rf5 In another embodiment, the key may be incorporated into existing call signaling messages 

m . 

ffl 10 so as to keep of the overall message overhead low and improve network efficiency. 

FIG. 5 shows the IP telephony network 100 of FIG. 1 and includes a 

H connection to a plain old telephone system (POTS) gateway 504. The POTS gateway 504 

f*j is coupled to a third user 502 of the network 100. 

% To establish a secure communication channel between the user 102 and the 

1^ 15 user 502, the method of FIG, 4 can be used, however, since there is no destination CTA, 

111 

operations relating to the destination CTA are not used. For example, the POTS gateway 
"|f | can provide a private and authenticated connection. Thus, the following describes the 

differences in the call setup process when using the POTS gateway. 

At block 410, the source gateway controller sends the key to the POTS 
20 gateway 504, as shown by path 506. The blocks 412 and 414 are skipped. At block 416, 
the POTS gateway sends an acknowledge signal to the source gateway controller as 
shown by path 508. Blocks 418 through 422 remain the same. 

Using the above modifications to the method of FIG. 4, a private and 
authenticated secure channel can be established between the CTA 104 and the POTS 
25 gateway 504, as shown at path 520, so that the users 102 and 504 may exchange 
messages. 

In another embodiment of the present invention, where the call origination 
is reversed, the encryption key can be requested from the destination gateway. For 
example, the user 502 requests to make a call to user 102. The POTS gateway 504 
30 requests the encryption key from the gateway controller 106, which services the user 102. 
The gateway controller 106 then creates the encryption key and provides it to the POTS 
gateway to allow a secure communication channel to be created between the POTS 
gateway and the CTA 104. 
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In another embodiment of the present invention, the encryption key can be 
created at the source gateway controller by deriving it from a secret already shared 
between the source gateway controller and the source CTA. Thus, both the source 
gateway controller and the source CTA can derived the key from the shared secret. In 
this embodiment, it is not necessary for the source gateway controller to transmit the key 
to the source CTA after it has been distributed to the destination CTA. This results in 
fewer messages being exchanged to setup the secure channel between the users. 

In another embodiment of the present invention, the key created at the 
source gateway controller can be shared with law enforcement. The Communications 
Assistance for Law Enforcement Act (CALEA) requires that phone systems allow the 
government access to conversations flowing within their networks for wire-tapping 
purposes. To facilitate this, a CALEA server 510 may be included in the network 100 as 
shown in FIG. 5. The CALEA server can be accessed by law enforcement, either 
directly, as shown by 512, or from some other location within the network 100. 

The source gateway controller may operate in several ways to comply with 
the CALEA requirements. In a first method of operation, the source gateway controller 
receives a request 514 from the CALEA server to forward any key created for use with a 
particular user. For example, when the user 102 requests to make a call and a key is 
created, the key is transmitted to the CALEA server, as shown at 516, In a second 
method of operation, the source gateway controller receives a request 514 to forward any 
key currently being used by a particular user. For example, if the user 102 already has a 
call established using a particular key, that key is transmitted to the CALEA server, as 
shown at 5 1 6. In a third method of operation, the source gateway controller receives a 
request 514 to forward any key previously used by a particular user. For example, if the 
user 102 had previously made a call using a particular key, that key is stored in the key 
storage 206 of the gateway controller. The key is retrieved from the key storage and 
transmitted to the CALEA server as shown at 516. 

In one embodiment, the keys are encrypted prior to storage. The 
encryption is done using a public/private key pair belonging to law enforcement Thus, 
upon retrieval, any keys so encrypted can only be decrypted by law enforcement officials 
with knowledge of the private key. 

Once the key is at the CALEA server, messages are redirected by the 
network to the server so that they may be decoded using the key and monitored by law 
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enforcement officials. Thus, embodiments of the gateway controller of the present 
invention includes support for the CALEA requirements. 

The present invention provides a method and apparatus for establishing a 
secure communication channel between two users in a telephony network. It will be 
apparent to those with skill in the art that modifications to the above methods and 
embodiments can occur without deviating from the scope of the present invention. 
Accordingly, the disclosures and descriptions herein are intended to be illustrative, but 
not limiting, of the scope of the invention which is set forth in the following claims. 
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WHAT IS CLAIMED IS: 

1 L A method for establishing a secure communication channel in an IP 

2 telephony network between a first and a second user, wherein the first user and the second 

3 user are coupled to first and second telephony adapters, which in turn, are coupled to first 

4 and second gateway controllers, respectively, wherein the gateway controllers control 

5 user access to the IP telephony network, and wherein the telephony adapters encrypt and 

6 decrypt user information exchanged over the IP telephony network, the method 
f* 4 7 comprising: 

m 8 receiving a request at the first gateway controller to establish a secure 

2 9 communication channel between the first user and the second user; 



: ..t :-v . 



l'j 10 generating a secret key at the first gateway controller; 

63 1 1 distributing the secret key to the first and second telephony adapters over 

12 previously established secure connections; and 

13 establishing the secure communication channel between the first user and 
1 14 the second user by encrypting and decrypting information using the secret key. 



1 2. The method of claim 1 wherein the step of generating comprises a 

2 step of generating a random number at the first gateway controller to be used as the secret 

3 key. 

1 3, The method of claim 1 wherein the step of generating comprises a 

2 step of deriving the secret key at the first gateway controller, wherein the secret key is 

3 derived from a signaling key shared between the first telephony adapter and the first 

4 gateway controller. 

1 4. The method of claim 1 wherein the step of distributing comprises 

2 steps of: 

3 transmitting the secret key from the first gateway controller to the second 

4 gateway controller; 

5 transmitting the secret key from the second gateway controller to the 

6 second telephony adapter 

7 transmitting the secret key from the first gateway controller to the first 

8 telephony adapter. 
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1 5. The method of claim 1 farther comprising steps of; 

2 receiving a request at the first gateway controller to provide the secret key 

3 to a law enforcement server; and 

4 providing the secret key to the law enforcement server. 

1 6. An IP telephony network for establishing a secure communication 

2 channel between a first user and a second user, wherein the first user and the second user 

3 are coupled to first and second telephony adapters, which in turn, are coupled to first and 

4 second gateway controllers, respectively, wherein the gateway controllers control user 
13 5 access to an IP telephony backbone, and wherein the telephony adapters encrypt and 

6 decrypt user information exchanged over the IP telephony network, the IP telephony 

*M 7 network comprising: 

|m& 8 means for receiving a request at the first gateway controller to establish a 

ffi 

9 secure communication channel between the first user and the second user; 
10 means for generating a secret key at the first gateway controller; 

Hi:- 

la 1 1 means for distributing the secret key to the first and second telephony 

^ 12 adapters over a previously established secure connection; and 

13 13 means for establishing the secure communication channel between the first 

14 user and the second user by encrypting and decrypting information using the secret key, 

1 7. A gateway controller for establishing a secure communication 

2 channel in an IP telephony network, the gateway controller coupled between a telephony 

3 adapter and a telephony network backbone, the gateway controller comprising: 

4 a key creation module having logic to create a secret key; 

5 a key storage module coupled to the key creation module and having logic 

6 to store the secret key; and 

7 a message processor coupled to the key creation module and the key 

8 storage module, and having logic to process messages exchanged between the telephony 

9 adapter and the telephony network backbone, wherein the message processor further 

10 comprises: 

11 logic to receive a request to establish a secure communication 

12 channel between a first user and a second user, the first user couple to the telephony 

13 adapter, the second user coupled to a remote telephony adapter; 
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logic to distributed the secret key to the telephony adapters over 
previously established secure connections, whereby the secure communication channel 
between the first user and the second user may be established by encrypting and 
decrypting information using the secret key, 

8. The gateway controller of claim 7 wherein the key creation module 
has logic to generate a random number as the secret key. 

9. The gateway controller of claim 7 wherein the key creation module 
has logic to derive the secret key from a signaling key shared with the telephony adapter. 

1 0. The gateway controller of claim 7 wherein the key storage module 
has logic to encrypt the secret key before storage, using a public/private key pair 
belonging to law enforcement. 
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DECLARATION 



As a below named inventor. I declare that: 



My residence, post office address and citizenship are as stated below next to my name; I believe I am the original, first and sole 
inventor (if only one name is listed below) or an original, first and joint inventor (if plural inventors are named below) of the subject 
matter which is claimed and for which a patent is sought on the invention entitled: KEY MANAGEMENT FOR TELEPHONE 

CALLS TO PROTECT SIGNALING AND CALL PACKETS BETWEEN CTA'S the specification of which is attached 

hereto or i was filed as U.S. Application No, 09/890,180 the National Phase of PCT/US00/02174, filed January 28, 2000 and 
was amended on (if applicable), and was amended on (if applicable). 

I have reviewed and understand the contents of the above identified specification, including the claims, as amended by any 
amendment referred to above. I acknowledge the duty to disclose information which is material to patentability as defined in Title 37, 
Code of Federal Regulations, Section 1.56. I claim foreign priority benefits under Title 35, United States Code, Section 1 19 of any 
foreign applications) for patent or inventor's certificate listed below and have also identified below any foreign application for patent 
or inventor's certificate having a filing date before that of the application on which priority is claimed. 
■ m 

Bflfor Foreig n Application^) 



Country 


Application No. 


Date of Filing 


Priority Claimed Under 
35 USC 119 











Ip|reby claim the benefit under Title 35, United States Code § 1 19(e) of any United States provisional applications) listed below: 



fi i 
■ ~3 



Application No. 


Filing Date 


60/117,788 


January 29, 1999 


60/128,772 


April 9, 1999 



Itliaim the benefit under Title 35, United States Code, Section 120 of any United States application^) listed below and, insofar as the 
subject matter of each of the claims of this application is not disclosed in the prior United States application in the manner provided by 
the first paragraph of Title 35, United States Code, Section 112, 1 acknowledge the duty to disclose material information as defined in 
Title 37, Code of Federal Regulations, Section 1 .56 which occurred between the filing date of the prior application and the national or 
PCT international filing date of this application: 



Application No. 


Date of Filing 


Status 









Full Name of 
Inventor 1: 


Last Name: 
JMEDMNSKY 


First Name: 
ALEXANDER 


Middle Name or Initial: 


Residence & 
Citizenship: 


City: 

SanJlLegO- 


State/Foreign Country: . J Jl ~ 

California C^I \ 


Country of Citizenship: 

United States 


Post Office 
Address: 


Post Office Address: 
8873 Hampe Court 


City: 

San Diego 


State/Country: 
California 


Postal Code: 

92129 
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Full Name of 
Inventor 2: 


Last Name: 
ANDERSON 


First Name: 
51EVEN_ 


Middle Name or Initial: 
E. 


Residence & 
Citizenship: 


City: 

San Diego 


State/Foreign Country: s v-\ 

California ( 


Country of Citizenship: 

United States 


Post Office 
Address: 


Post Office Address: 
5521 Taft Avenue 


City: 

San Diego 


State/Country: 
California 


Postal Code: 
92037 


Full Name of 
Inventor 3: 


Last Name: 
MQROSEY 


First Name: 
PAUL _ 


Middle Name or Initial: 


Residence & 
Citizenship: 


City: 

Olivenhain , 


State/Foreign Country: /\ 

California ( ^ pf 


Country of Citizenship: 

United States 


Post Office 
Address: 


Post Office Address: 

3411 Western Springs Road 


City: 

Olivenhain 


State/Country: 
California 


Postal Code: 
92024 


Full Name of 
Inventor 4: 


Last Name: 
gPgJINK 


First Name: 
ERIC— 


Middle Name or Initial: 
J. 


Residence & 
Citizenship: 


City: 

Carlsbad^ 


State/Foreign Country: _ /X — 
California ( y \ \ 


Country of Citizenship: 
United States 


Post Office 
Address: 


Post Office Address: 
7309 Bolero Street 


City: 

Carlsbad 


State/Country: 
California 


Postal Code: 
92009 


Full Name of 
Inventor 5: 


Last Name: 
FELLOWS 

* — ■■■ 


First Name: 

JONATHAN^ 


Middle Name or Initial: 

A, 


Residence & 
Citizenship: 


City: 

Del Mar_^- 


State/Foreign Country: ^ 

California CJL^I \ 


Country of Citizenship: 

United States 


Post Office 
Address: 


Post Office Address: 
13161 Shalimar PL 


City: 

Del Mar 


State/Country: 
California 


Postal Code: 
92014 



farther declare that all statements made herein of my own knowledge are true and that all statements made on information and belief 
jfefe believed to be true; and further that these statements were made with the knowledge that willful false statements and the like so 
if&de are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the United States Code, and that such willful 
Idse statements may jeopardize the validity of the application or any patent issuing thereon. 



^nature of Inventor 1 


Signature of Inventor 2 


Signature of Inventor 3 


Alexander Medvinsky ^ 


Steven E. Anderson 


Paul Moroney ^ 




Date 


Date l('2M-l*«( 


Signature of Inventor 4 


Signature of Inventor 5 




Eric J. Spnk& ' 


Jonathan A. Fellows 




Date M- Z*t~Oi 


Date 
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Full Name of 
Inventor 2: 


Last Name: 
ANDERSON 


First Name: 

SJEXE&-~ 


Middle Name or Initial: 
E. 


Residence & 
Citizenship: 


City: 

SanJJijego 


State/Foreign Country: / 
California ( y f\ 


Country of Citizenship: 
United States 


Post Office 
Address: 


Post Office Address: 
5521 Taft Avenue 


City: 

San Diego 


State/Country: 
California 


Postal Code: 
92037 


Full Name of 
Inventor 3: 


Last Name: 
JMQRQNE¥ 


First Name: 

PAXIL 


Middle Name or Initial: 


Residence & 
Citizenship: 


City: 

-QMveabain 


State/Foreign Country: A 
California f~ J\ 


Country of Citizenship: 
United States 


Post Office 
Address: 


Post Office Address: 

3411 Western Springs Road 


City: 

Olivenhain 


State/Country: 

California 


Postal Code: 
92024 


Full Name of 
Inventor 4: 


Last Name: 

SERUNK 


First Name: 

ERIC 


Middle Name or Initial: 
J. 


Residence & 
Citizenship: 


City: 

Carlsbad 


State/Foreign Country: >/ \ 

California (_^* ^ 


Country of Citizenship: 

United States 


Post Office 
Address- 


Post Office Address: 
7309 Bolero Street 


City: 

Carlsbad 


State/Country: 
California 


Postal Code: 
92009 


Full Name of 
Inventor 5: 


Last Name: 

FELLOWJS 


First Name: 
JONATHAN 


Middle Name or Initial: 
A. 


Residence & 
Citizenship: 


City: 

Del Mar 


State/Foreign Country: > /L 
California L^P^ 


Country of Citizenship: 
United States 


Post Office 
Address: 


Post Office Address: 
13161 Shalimar PL 


City: 

Del Mar 


State/Country: 
California 


Postal Code: 
92014 



I tether declare that all statements made herein of my own knowledge are true and that all statements made on hrformation and belief 
airelbelieved to be true; and further that these statements were made with the knowledge that willful false statements and the like so 
nfaiie are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the United States Code, and that such willful 
fftsje statements may jeopardize the validity of the application or any patent issuing thereon. 



Sppature of Inventor 1 


Sign^^^f^^^^^ 


Signature of Inventor 3 


Alexander Medvinsky ^ 


Steven E. Anderson 


Paul Morone^ ^ 


Date [\~Xk-100{ 


Date /7-/7/ZOO/ 


Date H'U*-^ 


Signature of Inventor 4 


Signature of Inventor 5 




Eric J. Spring 


Jonathan A. Fellows 


Date ll- Z°{~ o { 


Date 
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Full Name of 
Inventor 2: 


Last Name: 
ANDERSON 


First Name: 
STEVEN 


Middle Name or Initial: 
E. 


Residence & 
Citizenship: 


City: 

San Diego 


State/Foreign Country: 
California 


Country of Citizenship: 
United States 


Post Office 
Address: 


Post Office Address: 
5521 Taft Avenue 


City: 

San Diego 


State/Country: 
California 


Postal Code: 
92037 


Full Name of 
Inventor 3: 


Last Name: 
MORQJSEY 


First Name: 
EAUfc — 


Middle Name or Initial: 


Residence & 
Citizenship: 


City: 

Olivenhain _j 


State/Foreign Country: „ V"V^ 
California • ( J} \ 


Country of Citizenship: 
United States 


Post Office 
Address: 


Post Office Address: 

3411 Western Springs Road 


City: 

Olivenhain 


State/Country: 
California 


Postal Code: 
92024 


Full Name of 
Inventor 4: 


Last Name: 
SPRUNK 


First Name: 

JBKL^ 


Middle Name or Initial: 
J. 


IwiMUvllvv Vtr 

Citizenship: 


City: 

jQarlsbad 


State/Foreign Country: ,/ , 
California ( y f\ 


Country of Citizenship: 

United States 


Post Office 

Address: 


Post Office Address: 
7309 Bolero Street 


City: 

Carlsbad 


State/Country: 
California 


Postal Code: 
92009 


Full Name of 

7 

inventor 5: 


Last Name: 
FELLOWS 


First Name: 
JONATHAN 


Middle Name or Initial: 
A. 


Residence & 
Citizenship: 


City: 

JDelM3J> 


State/Foreign Country^ /V- 
California (y'M 


Country of Citizenship: 
United States 


Post Office 
Address: 


Post Office Address: 
13161 ShalimarPL 


City: 

Del Mar 


State/Country: 
California 


Postal Code: 
92014 



'5 





ijj&irther declare that all statements made herein of my own knowledge are true and that all statements made on information and belief 
IS believed to be true; and further that these statements were made with the knowledge that willful false statements and the like so 
rltide are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the United States Code, and that such willful 
Ale statements may jeopardize the validity of the application or any patent issuing thereon. 



m , 

Signature of Inventor 1 


Signature of Inventor 2 


Signature of Inventor 3 


Alexander Medvinsky ^ 


Steven E. Anderson 


Paul Moroney ^ 


Dae tKHW^f 


Date 


Date H-l^'^f 


Signature of Inventor 4 


Signature of Inventor 5 




Eric J. Sprung 


/Jonathan A. Fellows 


Date tl- 


Date H V*C0\ 
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Application Number 


09/890,1 80, the National Phase ot 
PCT/US00/02174, filed January 28, 2000 




Filing Date 




POWER OF ATTORNEY OR 


First Named Inventor 


Alexander Medvinsky, et al. 


AUTHORIZATION OF AGENT 


Title 


KEY MANAGEMENT FOR TELEPHONE CALLS TO 
PROTECT SIGNALING AND CALL PACKETS 
BETWEEN CTA'S 




Group Art Unit 






Examiner Name 






Attorney Docket Number 


018926003900US 



I hereby appoint: 

E3 Practitioners at Customer Number 
OR 

□ Practitioners) named below: 



20350 



Place Customer 
Number Bar Code 
Label here 



Name 


Registration Number 



















as my/our attorney(s) or agent(s) to prosecute the application identified above, and to transact all 
business in the United States Patent and Trademark Office connected therewith. 



Please change the correspondence address for the above-identified application to: 
Q The above-mentioned Customer Number^ 
OR 

O Practitioners at Customer Number 



D Firm or 

Individual Name 



Address 



Address 



City 



State 



ZIP 



Country 



Telephone 



Fax 



I am the: 

□ Applicant/Inventor. 

X Assignee of record of the entire interest. See 37 CFR 3.71. 

Statement under 37 CFR 3.73(b) is enclosed. (Form PTO/SB/96). 



SIGNATURE of Applicant or Assignee of Record 



Name 



Charles M» Fish, Assistant Secretary 



Signature 



Date 



NOTE: Signatures of all the inventors or assignees of record of the entire interest or their representative^) are required. 
Submit multiple forms if more than one signature is required, see below*. 



□ *Totalof_ 



forms are submitted. 



Burden Hour Statement: This form is estimated to take 3 minutes to complete. Time will vary depending upon the needs of the individual case. Any Comments on the amount of 
time you are required to complete this form should be sent to the Chief Information Officer, U.S. Patent and Trademark Office, Washington, DC 20231 . DO NOT SEND FEES 
OR COMPLETED FORMS TO THIS ADDRESS. SEND TO: Assistant Commissioner for Patents, Washington, DC 20231 . 
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